Question

Discuss any security situations that you have personally encountered and how they were handled by the business organization. Do you feel comfortable with how businesses are safekeeping your data and transaction activities?

Answer 1

With our modern dependence on technology and security, nobody would dare to make this statement. Everyone knows how crucial security is and how it must be embedded into everything an organization does. A simple glance at the news provides details on the data breach of the day tied to an application security vulnerability. Take a stroll to the Information Security department and you'll hear about the latest blunder an employee made that resulted in lost data. Security is widespread and mainstream, but security culture has not kept pace with the threat landscape.

An organization’s security culture requires care and feeding. It is not something that grows in a positive way organically. You must invest in a security culture. A sustainable security culture is bigger than just a single event. When a security culture is sustainable, it transforms security from a one-time event into a lifecycle that generates security returns forever.

Many organizations have the opinion that the security department is responsible for security. Sustainable security culture requires that everyone in the organization is all in. Everyone must feel like a security person. This is security culture for everyone. Security belongs to everyone, from the executive staff to the lobby ambassadors. Everyone owns a piece of the company’s security solution and security culture.

Security awareness is the process of teaching your entire team the basic lessons about security. You must level set each person’s ability to judge threats before asking them to understand the depth of the threats. Security awareness has gotten a bad rap because of the mechanisms used to deliver it. Posters and in-person reviews can be boring, but they do not have to be. Add some creativity into your awareness efforts.

Of course, every organization has a security culture. If they say they don't, they are either lying or afraid to admit they have a bad security culture. The good news is that any security culture can positively change how the organization approaches security. But culture change takes time, so don't expect your members of your organization to overnight become pen-testing Ninjas that write secure code while they sleep. With the right process and attitude, you’ll get there.

Crimes against people and crimes against property can significantly add to your cost of doing business for many types of small businesses. Shoplifting and theft of business property are all too common and costly. Crimes against business owners, employees, customers, and others who enter the premises are less common, but can be more tragic and traumatic when they occur.

While you'll never be completely free from the effects of crimes against your business, there are decisions that you can make about your facility that can lessen the likelihood and impact of crime on your business. Primarily, these decisions concern facility location and building security.